Security Operations Center Analyst

Remote

How to Apply

Send your resume and cover letter to [email protected].

Description

Total Assure is seeking a Security Operations Center (SOC) Analyst. The Analyst will provide cybersecurity monitoring and incident response services for our clients. This role will focus on identifying, classifying, reporting, and mitigating cybersecurity incidents.

Key Responsibilities

  • Monitors and analyzes network traffic, system logs, and other security data for signs of malicious activity.
  • Leverages Security Information and Event Management (SIEM) tools to view and investigate security alerts and notable events.
  • Handles incidents through their lifecycle: analyzes, triages, contains, and remediates security incidents, recommends improvements to prevent future incidents, and proposes ways to expedite response based on lessons learned.
  • Communicates effectively with technical and non-technical users in a timely manner.
  • Prepares situational awareness reports for the customer, its constituent bureaus, and/or department management.
  • Develops and maintains manual and automated response playbooks.
  • Facilitates development of SIEM detection and ingestion strategies to improve SOC visibility.
  • Conducts forensic analysis on hosts and logs, and malware analysis, as deemed necessary.
  • Performs threat hunting based on new techniques.
  • Develops and implements security procedures to prevent future incidents.
  • Provides technical support to other members of the security team.
  • Stays up to date on the latest security threats and trends.

Qualifications

Required Skills / Education / Certifications & Qualifications:

  • 3-5 years of SOC analyst experience
  • Possess and maintain an IAT 8140 certification, one from each of the following lists:
    • CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, CCSP
    • CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA+, GCIA, GCIH, GICSP, Cloud+, SCYBER, PenTest+
  • Experience with SIEM tools, like Splunk and Microsoft Sentinel
  • Subject-matter expertise in analyzing network packets, SIEM alerts, and server and application logs to investigate incidents for anomalous/malicious activities
  • Experience tracking incidents against a framework such as MITRE ATT&CK or the Cyber Kill Chain methodology
  • Able to perform advanced analysis on advanced persistent threats and map out the threat lifecycle

Desired Skills

  • Experience with multiple vendor technologies such as Splunk Cloud, Splunk SOAR, and Splunk UBA
  • Forensic investigation and malware analysis experience
  • Inquisitive, problem-solving oriented
  • Can-do attitude with a strong sense of ownership